Computers and computer networks are complex systems. The security environment is constantly changing as new software programs are installed, each introducing new variables and relationships into the system. These systems have a degree of sharing, interdependency, and interactivity, which makes the entire computer or network vulnerable to flaws introduced at any part of the system.
A particular risk in computer systems is associated with privilege elevation. Any time the concept of identity is represented on a system there is the possibility of accidental crossing of those identities. Processes executing on a computer each have an associated identity and privilege. Similarly, access to files and resources may also have been granted to only certain identities or privileges. Privileges are used to specify the available files or resources for a particular process or user account.
Problems can arise where entities interact with other entities of different privileges. These problems are known as privilege elevation flaws. In one such example, a first account may have write access to a file that a second account executes or has read access to. This may potentially allow the first account to execute code as the second account because the first account can alter or change the executable that the second account runs. Multiple privilege hops or elevations can be joined into elevation chains. By following a privilege elevation path or chain, a hacker or malicious user can potentially gain complete access to a computer system's resources and accounts, and possibly access to other computers on the network.
While the problems associated with privilege elevation flaws are known, they are notoriously difficult to locate or diagnose. Modern operating systems provide a variety of privilege and access control functionality, but they offer no feedback regarding how effectively those privilege and access control functionalities are being used. Because computer processes interact with each other and the computer operating system in a variety of ways, potential new privilege flaws can be introduced into a system with every new software installation or account creation.